Australian Govt. networks hacked by China after calls for Covid probe
"China's cyber reach is detectable on almost every government server.”Author : A. Gayatri
Just a few days after Australian Prime Minister Scott Morrison had endorsed an international investigation into the origins of the Coronavirus, thousands of Chinese bots plagued the Australian Government networks; this happened in April 2020. Supposedly, all these bots ran scores of scans searching for vulnerabilities that could later be manipulated.
The attack was immense and noisy, while there was a minor effort made to reveal the absence of the bots, informed Robert Potter, chief executive officer of Internet 2.0, is an Australian cybersecurity company working with the federal government.
"It was just a door knock, like someone walking up and ringing your doorbell," he said.
Previously, the network scan that went unreported was further observed by months of active hacks that would rumble the Australian economy. As per reports from individuals who are familiar with the situation, the departments of the Australian government that were targeted were the Bureau of Meteorology, departments of defence and health and the parliamentary email network. The hacks were also targeted at various state government departments like education and finance, along with several Australian universities and businesses. Even though cyber security experts have traced the majority of the hacks back to the systems used by China-based advanced persistent threat groups (APTs) or commonly known as state-sponsored hackers, Beijing has denied any involvement.
"China's cyber reach is detectable on almost every government server," Potter said. "It isn't subtle and it increases and decreases in a way that correlates to our overall relationship.”
Beijing’s increasing notoriousness to ensure its ‘super-power presence is felt is evident in the way it retaliated against Australia’s continuous demand for an international probe. It also showcases what China can do even to the wealthiest nations if annoyed.
Last year, cybersecurity became a globally discussed issue as many businesses and individuals who were working from home were targets of phishing, scams, hacking and extortions. Although China is not the only nation that carries out such attacks, the magnanimous scale of attacks against Australia is what sets it apart. Earlier there has been evidence of Chinese hacks from the US to India to Israel.
In June 2020, Australian PM announced that “state-based cyber actor” was “targeting Australian organisations across a range of sectors, including all levels of government, industry, as well as education and critical infrastructure”. This announcement came after Morrison deemed that the bot network scans, cyberattacks, breaches of the government’s networks were sufficient evidence.
People familiar with the situation said that Beijing cyber army had a clear involvement in it but Morrison refused to take names and said “there are not a lot of state-based actors that can engage in this type of activity.”
Beijing has strongly refuted these claims and said that the “Australian government and media have wrongly accused China of hacking many times before based on insufficient evidence.” Its foreign ministry added that “China has always supported and actively participated in scientific studies on finding origins of covid.”
China-Australia’s relationship has been on shaky ground for a long time with Australia actively curbing foreign interference and critical infrastructure acquisition. Australia’s call for a covid probe worsened things further. Being the first to ban Huawei Technologies Co. Ltd. and ZTE Corp from bidding for contracts to install communication networks like national broadband and 5G, Australia has been actively looking to limit Chinese influence in the country. Soon other countries like the U.S. and Sweden did the same.
"China's treatment of Australia has been distinctive if not unique," said Hugh White, a former intelligence official who is now an emeritus professor of strategic studies at the Australian National University. "I haven't been able to identify another country that had pressure placed on it over such a broad range of areas.”
White added that it is difficult for China to take a step back due to Australia’s regional position and the strategic partnership it holds with the U.S., which highlights its aim of dominance in Asia.
"The Chinese have been eager to look for the opportunity to show the rest of Asia what's at stake as they make their decisions about how they position themselves about the US and China," he said. "Australia is the perfect victim for that.”
Australian officials have been reluctant in attributing nation-state cyber activity to China publicly and have called out to them on international spying campaigns in association with its allies Washington and London.
Beijing rejected the claims of China behind the cover attacks after Morrison's allegations in June 2020, with Foreign Ministry spokesman Zhao Lijian interpreting the nation to be a "staunch upholder" of cybersecurity.
He called China "the biggest victim of cyberattacks."
Australia's director-general of security, Mike Burgess said that charging someone for spying is a distraction as every country does that. "If I'm pointing my finger at you accusing you of espionage, I've got three fingers pointing back at me," Burgess told the media in March.
He further stated that sometimes the government spies because someone has crossed the line yet it's not just stealing military secrets, it is "something else more offensive to our nation or damaging to our nation." And it is the best judgement that governments place.
Chinese diplomats in Canberra have alleged the government of pandering to Washington and wondered whether Chinese tourists and students have collectively generated over A$22 billion ($16 billion) revenue for Australia in 2019. They feel they might stop favouring a country that is not on friendly terms with China.
Ambassador Cheng Jingye said: "It is up to the people to decide. Maybe ordinary people will say "Why should we drink Australian wine? Eat Australian beef?" The remarks came after Morisson had ascertained for an inquiry.
In retaliation, Beijing halted trade with Australia which went on for a month, affecting exports from coal to grains, and from lobsters to wine, which is an industry of the capital value of A$1.2 billion in 2019, it now accounts for tariffs of more than 200%.
China came up with more vengeance. In November, the Chinese embassy in Canberra circulated the record of 14 resentments and blamed Australia for "poisoning bilateral relations."
The lists contained complaints of Huawei ban, the sign to probe the origins of Covid, cancelling academic visas and seizing 10 Chinese investment contracts.
The Australian media reported that the government was also criticised for "thinly veiled" accusations against China on cyberattacks without any testimonies and facts.
According to a government agency that traces the hacking activities, the Australian Government for the first time was amongst the top five sectors that reported most data breaches in 2020. In the report, state government systems and email networks from at least one of the government departments were subjected to a strong force attack and hacked. The Australian cabinet ministers fell prey to phishing scams attempting to extort money and collect details on their connections with the rebellions present in Hong Kong.
Threat analyst Paul Nevin, chief technology officer at Canberra-based cybersecurity firm Cyber Merc said that different from ransomware or refusal of service attacks, that paralysed the system network till the payments are conducted. Thus, the state's activities are unseen by the targets who later discover that they have been compromised by the government officials or somewhere outside.
"Those initial discussions usually come as a shock, and it takes a while for that to sink in," Nevin said.
Literate cybercriminals or state players will be watching out for the emails of executives inspecting for breach notifications.
"So one of the first things I would do is explain over the phone or a secure messaging system: do not mention this on email, do not talk about it, take it offline. You have to assume the actors are in there watching, and very often they are," he adds.
Defence minister Linda Reynolds in the government's cybersecurity agency's annual report said that there was a "new normal" of cyberattacks on Australia, obscuring the line between "peace and war."
While cybercriminals were drawing benefits from the weakness opened because of Covid, there were also "sophisticated and very well-resourced state-based actors who are seeking to interfere in our nation in this grey zone in any opportunistic way they can," she said.
Businesses were heavily impacted, said Michelle Price, chief executive officer of AustCyber, a government-funded organization directed in establishing the domestic cybersecurity industry.
"Industry threat analysts in Australia and elsewhere were telling me that as lobster shipments and barley were being rejected, they were seeing a commensurate level of activity happening in the cyber domain coming from China," added Price.
He continued saying that what Australia is going through, several nations have already seen before them, adding that it is not about reprisal targeting the government but "it spills out over into the broader economy and to the community," said Price.
"We become collateral damage in those kinds of government-to-government machinations."
The Australian education institutions are reluctant to speak about China’s online aggression against the country as they receive a whopping A$10 billion a year in fees from Chinese students. Monash University’s cybersecurity department in Melbourne does not “get involved in any political stories relating to China” as their researchers “ are not comfortable commenting on this issue,” says Hande Cater, the media advisor of Monash’s IT Faculty.
Even though Australia might be facing a unique situation, the range of tactics deployed by China against a country shows that Beijing is at fault.
Commenting on the current scenario, former prime minister Malcolm Turnbull said that it is very unlikely that either country will take a step back anytime soon.
"We have boundaries of trust with China, and there's nothing wrong with that, but what we've got to do is focus on the areas where we do have a level of trust," said Turnbull, who as prime minister banned Huawei from bidding to install Australia's 5G network.
"If I say I don't trust you enough to not misuse a capability that you would have if you built our 5G network, you are not going to persuade me by then beating me up in a whole lot of other areas."